> snyk
Find and fix vulnerabilities in code and dependencies with Snyk. Use when a user asks to scan for security vulnerabilities, audit npm packages, check Docker images for CVEs, or integrate security into CI/CD.
curl "https://skillshub.wtf/TerminalSkills/skills/snyk?format=md"Snyk
Overview
Snyk finds and fixes vulnerabilities in open-source dependencies, container images, IaC configs, and code. Integrates into CLI, CI/CD, Git repos, and IDEs.
Instructions
Step 1: Setup
npm install -g snyk
snyk auth
Step 2: Scan Dependencies
snyk test # test for vulnerabilities
snyk monitor # continuous monitoring
snyk fix # auto-fix vulnerabilities
Step 3: Container Scanning
snyk container test node:20-alpine
snyk container test my-app:latest --file=Dockerfile
Step 4: IaC Scanning
snyk iac test # scan Terraform, K8s manifests
snyk iac test --report # upload to dashboard
Guidelines
- Free tier: 200 dependency tests/month, unlimited container tests.
- Use
--severity-threshold=highin CI to fail only on critical issues. snyk fixauto-generates PRs with dependency upgrades.- Alternatives: npm audit (basic), GitHub Dependabot (free), Socket.dev (supply chain).
> related_skills --same-repo
> zustand
You are an expert in Zustand, the small, fast, and scalable state management library for React. You help developers manage global state without boilerplate using Zustand's hook-based stores, selectors for performance, middleware (persist, devtools, immer), computed values, and async actions — replacing Redux complexity with a simple, un-opinionated API in under 1KB.
> zoho
Integrate and automate Zoho products. Use when a user asks to work with Zoho CRM, Zoho Books, Zoho Desk, Zoho Projects, Zoho Mail, or Zoho Creator, build custom integrations via Zoho APIs, automate workflows with Deluge scripting, sync data between Zoho apps and external systems, manage leads and deals, automate invoicing, build custom Zoho Creator apps, set up webhooks, or manage Zoho organization settings. Covers Zoho CRM, Books, Desk, Projects, Creator, and cross-product integrations.
> zod
You are an expert in Zod, the TypeScript-first schema declaration and validation library. You help developers define schemas that validate data at runtime AND infer TypeScript types at compile time — eliminating the need to write types and validators separately. Used for API input validation, form validation, environment variables, config files, and any data boundary.
> zipkin
Deploy and configure Zipkin for distributed tracing and request flow visualization. Use when a user needs to set up trace collection, instrument Java/Spring or other services with Zipkin, analyze service dependencies, or configure storage backends for trace data.